This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft File: lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json) Hash identifier: K51eMnUmurLTimRkp0u/26e9b0E0q9+5Dwaq+RlqyLQ= Subject key identifier: 73:2B:18:18:E1:1B:52:59:9A:8C:01:25:5B:D2:6F:D0:A8:EA:09:FF Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8 Certificate issuer: /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8 Certificate serial: 019C42B46FDF0FAC6D4683ED4EC5D71DC435 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft Manifest number: 0531 Signing time: Mon 09 Feb 2026 14:00:46 +0000 Manifest this update: Mon 09 Feb 2026 14:00:46 +0000 Manifest next update: Tue 10 Feb 2026 14:00:46 +0000 Files and hashes: 1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: /co7oSx955sEq5SAYhBZaSsks15W+TcVRnX17WlpdAY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:b4:6f:df:0f:ac:6d:46:83:ed:4e:c5:d7:1d:c4:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8 Validity Not Before: Feb 9 14:00:46 2026 GMT Not After : Feb 10 14:00:46 2026 GMT Subject: CN=732b1818e11b52599a8c01255bd26fd0a8ea09ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:63:45:83:3b:c3:c9:d9:d7:26:b3:2b:a5:b2: c5:1e:ae:2d:09:ee:91:d0:f4:40:98:2e:97:e6:2d: 45:61:fc:e9:0f:30:8b:2e:47:77:96:03:6b:e6:a6: e0:02:68:46:71:a4:9e:2c:13:7e:bb:39:0f:e7:65: a7:6c:28:92:35:c7:9d:62:61:fb:fd:a1:c6:4e:34: 23:cd:f9:50:73:b4:e2:61:dd:10:cf:e1:a6:e7:17: a3:05:c2:e5:66:05:a1:94:be:d8:a0:86:02:2a:ce: 7f:8e:cc:c0:d3:25:18:76:29:d4:6f:84:fd:e3:f1: 9b:ff:f9:24:1a:1f:90:f6:af:98:18:d6:0a:d8:21: 45:95:9e:01:04:91:7b:e3:e0:e4:32:c3:97:4c:6b: ae:f4:0a:0f:f8:6e:04:b3:67:6f:d1:9b:8a:44:ca: f2:71:ce:fb:ee:1f:d7:1b:3e:fb:45:4d:2f:91:f0: 75:65:cb:cc:8a:c8:51:93:af:ad:61:44:18:ec:f6: 7d:75:8d:b9:20:db:57:0a:ca:23:59:20:0d:12:5d: 5a:d8:fa:7d:f7:71:ee:24:24:5e:49:c4:5a:63:61: e0:dd:66:3f:78:27:17:21:af:22:0d:b5:ef:5a:c2: 00:6f:34:f6:f0:ea:66:53:a2:4c:4f:f8:53:6e:0a: 72:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:2B:18:18:E1:1B:52:59:9A:8C:01:25:5B:D2:6F:D0:A8:EA:09:FF X509v3 Authority Key Identifier: keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:00:91:e2:53:f2:fd:48:e4:e5:ff:37:ab:a4:fc:85:79:d2: 16:a9:8f:bd:1c:3e:ea:44:f2:45:f8:61:df:29:9a:01:e3:97: f9:25:d2:50:ef:56:cf:45:0e:09:08:46:70:82:24:c6:f6:2d: f2:bc:f6:c8:2b:21:bf:bc:e3:4f:b2:4a:57:7e:53:14:8e:f8: 93:e4:b7:77:77:a8:5f:82:26:c7:0b:0d:60:76:ee:00:21:d6: 39:d3:57:0a:e4:85:4b:5c:24:c9:b4:4b:a6:fb:69:e9:64:c2: 3f:6c:85:11:c4:83:75:af:1a:e1:f6:78:17:43:d0:11:de:1f: c4:28:f3:c5:b4:bb:4f:2d:03:27:85:9d:6b:96:ae:f5:d5:24: 57:eb:b3:8e:3c:e8:eb:f7:5c:29:88:df:df:93:c7:d6:11:63: 56:7e:a1:1d:bb:20:ae:30:cd:d6:df:aa:a6:41:fa:f9:f7:e9: a1:ef:aa:8e:57:0b:e4:65:c7:83:dc:74:b9:14:5f:c6:b5:70: a2:54:45:bb:82:55:4a:37:5e:56:6f:bd:9c:a9:40:9f:4a:2a: 3a:49:96:35:6a:5e:28:c6:a3:78:85:e7:0c:26:41:65:4d:4a: a6:7c:f8:ae:d2:6c:f9:f1:ac:76:da:97:57:db:ca:7a:97:46: 8d:c2:ce:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxCtG/fD6xtRoPtTsXXHcQ1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4 YmRlYjgwHhcNMjYwMjA5MTQwMDQ2WhcNMjYwMjEwMTQwMDQ2WjAzMTEwLwYDVQQD Eyg3MzJiMTgxOGUxMWI1MjU5OWE4YzAxMjU1YmQyNmZkMGE4ZWEwOWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymNFgzvDydnXJrMrpbLFHq4tCe6R 0PRAmC6X5i1FYfzpDzCLLkd3lgNr5qbgAmhGcaSeLBN+uzkP52WnbCiSNcedYmH7 /aHGTjQjzflQc7TiYd0Qz+Gm5xejBcLlZgWhlL7YoIYCKs5/jszA0yUYdinUb4T9 4/Gb//kkGh+Q9q+YGNYK2CFFlZ4BBJF74+DkMsOXTGuu9AoP+G4Es2dv0ZuKRMry cc777h/XGz77RU0vkfB1ZcvMishRk6+tYUQY7PZ9dY25INtXCsojWSANEl1a2Pp9 93HuJCReScRaY2Hg3WY/eCcXIa8iDbXvWsIAbzT28OpmU6JMT/hTbgpy+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHMrGBjhG1JZmowBJVvSb9Co6gn/MB8GA1UdIwQY MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtgCR4lPy /Ujk5f83q6T8hXnSFqmPvRw+6kTyRfhh3ymaAeOX+SXSUO9Wz0UOCQhGcIIkxvYt 8rz2yCshv7zjT7JKV35TFI74k+S3d3eoX4ImxwsNYHbuACHWOdNXCuSFS1wkybRL pvtp6WTCP2yFEcSDda8a4fZ4F0PQEd4fxCjzxbS7Ty0DJ4Wda5au9dUkV+uzjjzo 6/dcKYjf35PH1hFjVn6hHbsgrjDN1t+qpkH6+ffpoe+qjlcL5GXHg9x0uRRfxrVw olRFu4JVSjdeVm+9nKlAn0oqOkmWNWpeKMajeIXnDCZBZU1Kpnz4rtJs+fGsdtqX V9vKepdGjcLOng== -----END CERTIFICATE-----Generated at Mon Feb 9 19:59:28 2026 by rpki-client